581 matches found

Prion
added 2021/03/30 12:15 a.m., 20 views

Design/Logic Flaw

A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.1...

CVSS 3.3, AI score 7, EPSS 0.00163
Exploits 0, References 2, Affected Software 2
Prion
added 2021/03/30 12:15 a.m., 13 views

Design/Logic Flaw

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba h...

CVSS 8.5, AI score 8.6, EPSS 0.00541
Exploits 0, References 2, Affected Software 2
OSV
added 2021/03/29 8:15 p.m., 1 views

CVE-2020-24636

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aru...

CVSS 9.8, AI score 6
Exploits 0, References 2
NVD
added 2021/03/29 8:15 p.m., 13 views

CVE-2020-24636

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aru...

CVSS 10, EPSS 0.0515
Exploits 0, References 2
Cvelist
added 2021/03/29 7:6 p.m., 12 views

CVE-2021-25144

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Insta...

AI score 9.2, EPSS 0.01206
Exploits 0, References 2
NCSC
added 2021/02/19 12:0 a.m., 1 views

Vulnerability fixed in Atlassian Bitbucket

By placing a specially crafted DLL file in the Bitbucket installation directory, an unauthorized user can execute arbitrary code with SYSTEM privileges on a Windows system on which the vulnerable Bitbucket software is installed. Atlassian has released updates to fix the vulnerability. For mo...

CVSS 7.8, AI score 7.5, EPSS 0.00038
Exploits 0
Gitee
added 2021/01/24 10:47 a.m., 3 views

Exploit for CVE-2020-17057

cve-2020-17057 cve-2020-17057 poc On 2020-11-10 Microsoft released a patch to fix...

CVSS 7.8, AI score 7.1, EPSS 0.10648
Exploits 1
PyPA
added 2020/09/25 7:15 p.m., 4 views

PYSEC-2020-118

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverse_index_map(i) to be an index outside of bounds of grad_values, thus resulting in a heap buffer overflow. The issue is patched in...

CVSS 8.8, AI score 7.2, EPSS 0.00355
Exploits 1, References 4, Affected Software 1
PyPA
added 2020/09/25 7:15 p.m., 4 views

PYSEC-2020-318

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the fill argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a printf call is constructed. This may result in segmentati...

CVSS 7.5, AI score 6.9, EPSS 0.0036
Exploits 1, References 4, Affected Software 1
OSV
added 2020/09/25 6:28 p.m., 0 views

GHSA-Q4QF-3FC6-8X34 Segfault and data corruption in tensorflow-lite

Impact To mimic Python's indexing with negative values, TFLite uses ResolveAxis to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds:...

CVSS 8.7, AI score 7.4, EPSS 0.01411
Exploits 1, References 9
OSV
added 2020/09/25 6:28 p.m., 0 views

GHSA-8FXW-76PX-3RXV Memory leak in Tensorflow

Impact If a user passes a list of strings to dlpack.to_dlpack there is a memory leak following an expected validation failure: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/c/eager/dlpack.cc#L100-L104 The allocated memory is from...

CVSS 5.3, AI score 5.8, EPSS 0.00226
Exploits 1, References 9
The Hacker News
added 2020/07/14 5:13 p.m., 2 views

17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers

Cybersecurity researchers today disclosed a new highly critical "wormable" vulnerability, carrying a severity score of 10 out of 10 on the CVSS scale, affecting Windows Server versions 2003 to 2019. The 17-year-old remote code execution flaw CVE-2020-1350, dubbed 'SigRed' by Check Point, could all...

CVSS 10, AI score 8.3, EPSS 0.93808
Exploits 21
Huawei
added 2020/07/01 12:0 a.m., 31 views

Security Advisory - Use After Free Vulnerability in Several Smartphones

There is a use after free vulnerability in several smartphones. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution...

CVSS 7.8, AI score 7.7, EPSS 0.00318
Exploits 0, Affected Software 2
OSV
added 2020/01/28 9:32 p.m., 0 views

GHSA-977J-XJ7Q-2JR9 Segmentation fault in TensorFlow when converting a Python string to `tf.float16`

Impact Converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which...

CVSS 5, AI score 6.2, EPSS 0.00232
Exploits 1, References 9
Exploit DB
added 2019/10/07 12:0 a.m., 309 views

vBulletin 5.0 < 5.5.4 - 'updateAvatar' Authenticated Remote Code Execution

?php / --------------------------------------------------------------------- vBulletin = 5.5.4 updateAvatar Remote Code Execution Vulnerability --------------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................:...

CVSS 9.8, AI score 9.8, EPSS 0.25202
Exploits 4
0day.today
added 2019/10/07 12:0 a.m., 84 views

vBulletin 5.0 < 5.5.4 - (updateAvatar) Authenticated Remote Code Execution Exploit

Exploit for php platform in category web applications ?php / --------------------------------------------------------------------- vBulletin = 5.5.4 updateAvatar Remote Code Execution Vulnerability --------------------------------------------------------------------- author..............: Egidio...

CVSS 6.8, EPSS 0.25202
Exploits 4
The Hacker News
added 2019/09/30 12:14 p.m., 416 views

New Critical Exim Flaw Exposes Email Servers to Remote Attacks — Patch Released

A critical security vulnerability has been discovered and fixed in the popular open-source Exim email server software, which could allow a remote attacker to simply crash or potentially execute malicious code on targeted servers. Exim maintainers today released an urgent security update—Exim...

CVSS 10, AI score 2, EPSS 0.93918
Exploits 29
OSV
added 2019/08/14 9:15 p.m., 2 views

CVE-2019-1148

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

CVSS 5.5, AI score 5.8, EPSS 0.04234
Exploits 0, References 2
The Hacker News
added 2019/06/20 7:39 p.m., 1 views

Important Flaw in Outlook App for Android Affects Over 100 Million Users

Update 22 June 2019 — More technical details and proof-of-concept for the OutLook for Android vulnerability has been released that we have covered in a separate article here. Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability ...

CVSS 5.4, AI score 6.3, EPSS 0.00443
Exploits 0
Japan Vulnerability Notes
added 2019/02/06 6:45 a.m., 2 views

OpenAM (Open Source Edition) vulnerable to open redirect

Overview OpenAM Open Source Edition contains an open redirect vulnerability. Norihito Aimoto of Open Source Solution Technology Corporation reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developers. Impact When accessing a specially crafted page, the user may be redirect...

CVSS 6.1, AI score 6.7, EPSS 0.00272
Exploits 0, References 6